cryptsetup:not included in initramfs while hooks get called

cryptsetup:not included in initramfs while hooks get called

Posted: Sun Dec 27, 2015 8:17 pm

by Chuck

Hi all,

I tried today to build a jessie initramdisk including cryptsetup (plus dropbear and busybox) to be able to use an encrypted root partition/full disk encryption. It was a bit of a rough path with some debugging. I just would like to document how it got running in the end in case smebody stumbles over the same problem (or has a proper fix )

In the end my problem was, that -while initramfs hooks for cryptsetup (cryptroot) got called when building a new initramdisk- the binaries for cryptsetup etc. got apparently not copied into the initramfs.

While this got the binaries into the initramfs, the modules got not loaded and the initrd's's /proc/crypto stayed quite emtpy - thus, I added the modules to /usr/share/initramfs-tools/modules / /etc/initramfs-tools/modules as well. Afterwards the initramfs was able to give me a password prompt and got into the LUKS encypted partition

Hope, it can be of help or maybe somebody has a better idea?

Cheers,
Thomas

Re: cryptsetup:not included in initramfs while hooks get cal

Posted: Thu Jan 21, 2016 8:11 pm

by ervee

Hi,

I had a similar problem after installing Raspbian Jessie. After modifying and encrypting the btrfs root partition and placing it back into the Pi, no cryptsetup to unlock the root.

Debugging the hooks/cryptroot I found the hook is looking for an encrypted root filesystem. But the root filesystem is not encrypted yet during that stage.

What I did was just fake an encrypted root and edit the cmdline.txt, fstab and crypttab before removing the SD card and actually encrypting it.

If I put the public key in its own line it will accept my connection but drop to busybox.
If I put everything in one line it will ask for a (user-)pass on login and not for the cryptpass.
The pi is running latest raspbian with latest kernel via rpi-update.
Did someone experience the same maybe and is able to help out?